foo_pcib_[read|write]_config() functions rather than relying on
a break or return being in the CFG macro.
This fixes a panic later in the boot process on a UP1000. From
inspection, it looks like this fixes a similar problem in the tsunami code.
Approved by: dfr
kern.ps_showallprocs. Apparently got lost in the merge process from
the capability patches. Now fixed.
Submitted by: jdp
Obtained from: TrustedBSD Project
- Remove DELAY() kludge before power off.
- Move EVENTHANDLER_REGISTER to acpi_attach().
- Pass RB_POWEROFF flag to shutdown_nice().
Reviewed by: msmith
- Enable WB cache via CCR2 and CR0.
- Set the need_pre_dma_flush when the CPU_I486_ON_386 option is
defined.
Submitted by: Kaho Toshikazu <kaho@elam.kais.kyoto-u.ac.jp>
drives. Some IDE cards don't set propler information into BIOS work
are and their sector size were always recognized as 256 bytes/sector.
Pointed out by: jagarl@creator.club.ne.jp
kernel can instigate an orderly shutdown but still determine the form of
that shutdown. Make it possible eg. to cleanly shutdown and power off the
system under ACPI when the power button is pressed.
the build (oops!): replace calls to p_trespass() and PRISON_CHECK()
with p_can(..., {P_CAN_SEE, P_CAN_DEBUG}, NULL)
o Remove volatile usage from procfs_readdir() to remove warnings
o Apply bp's CREATE fix to linprocfs, causing EROFS to be returned on
CREATE calls to procfs_lookup()
o Some further synchronization still needs to occur: only existing
access checks were replaced, to fix the build--the new ones were not
added. I'll do this later today, this is a "fix the build quickly"
commit. This means that, in the interim, some information leakage
can still occur via linprocfs when using jail or kern.ps_showallprocs
Submitted by: knu
Approved by: des
Obtained from: TrustedBSD Project
not when ${firewall_type} is set to a filename, as we know
nothing about user's script specifics.
Reported by: Bernhard Valenti <bernhard.valenti@gmx.net>
- New support for 40LD firmware found in Series 475 and 471 adapters.
- Better support for 8LD firmware adapters
- Ioctl passthrough interface for userland utilities.
- Improved error handling and queueing.
- Several bugfixes (including the 'still open' shutdown bug and
closing some small race conditions).
- Zone-style command allocator, reducing memory wasted under heavy
load conditions.
- CAM interface (disabled and not fully working) for SCSI passthrough
access to non-disk devices
Thanks to AMI for supplying a pile of new adapters and various other
help in making this happen.
shouldn't be built by default. pcic and pccard are going to go
through some changes and I'll not be testing them on the alpha so I
don't want to break them for the FreeBSD/alpha folks.
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
time being, the ASU accounting flag will no longer be available, but
may be reinstituted in the future once authorization have been redone.
As it is, the kernel went through contortions in access control to
avoid calling suser, which always set the flag. This will also allow
suser to accept const struct *{cred, proc} arguments.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project